While working on a Drupal 8 project served by NGINX and PHP-FPM, the status report looked great aside from UPLOAD PROGRESS at the bottom: Your server is capable of displaying file upload progress, but does not have the required libraries. It is recommended to install...

HTTPS and Encryption by Default Encryption by default has become the new standard for web applications and many of the world’s top busiest sites have already made the switch to serving content via HTTPS. Google is no stranger to encryption, having made HTTPS the...

Enabling Nginx Modules One inconvenience with Nginx is that modules cannot be dynamically added or removed as they can in Apache. Instead, Nginx modules are specified at compile-time. If you want to add or remove any Nginx modules such as ngx_lua,...

Over the weekend I installed a copy of CiviCRM on WordPress to demo for a small nonprofit that recently asked me to help with some of their data needs. CiviCRM is a constituent relationship management (CRM) system designed for nonprofit organizations. While I...

Extra protection against brute force attacks While WordPress has an authentication system of its own, some opt to add additional server-side password protection to /wp-admin/ using basic authentication. This prompts users for a username and a password before even...

Over the past few months I’ve been working with WordPress sites a surprising amount. During this same time, I decided to switch all of my sites over to HTTPS exclusively. The switch was relatively painless, especially since free SSL certificate are now...